If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Being Timed Out

Hi, I am being timed out by a stock trading co.
They advised me to allow a certain port number in tcp and udp, which I did.
They advised me to allow a quote feed address in my trusted zone.
I did this.
They then said I must write a rule to allow the said port to be open all the time.
I tried this and don't know if I did it correctly.
Can someone please advise on this problem.
Thank you

Re: Being Timed Out

Describe/list what has been done so far. Include ports/port ranges, IP/Ip ranges and the application involved (browser or special application?).
Also, has the Privacy been adjusted and what has been done with server rights?
Opended port where - in the expert of the firewall, in the expert of the application or in the firewall?
What protocol is involved?
Is ICMP involved?
Are your dns and dhcp IP in the trusted zone?

Re: Being Timed Out

Technically, just enabling both the servers with both accesses for the application should be sufficent (along with adding the Ip/Ip range as trusted in the zones).

Change both the Source and the Destination in the Expert to just My Computer and the IP/IP range involved. For both. Remove the previous rule.

Protocol:
Under protocol use https (443) for source and destination Any.
Add another Protocol, for source Any and destination 443.
Repeat again for http (80).
Again allowing two rules with source and destination for port 80.
Now the 443 is allowed in and out. The http is included since seldom 443 is alone and is often initiated and accompanied by http connections.

Time should be Any or set as you desire.
Track is Log (or Log and Alert)
Action is Allow
Rank is 1

Add the IP/IP range as Trusted in the Zones of the Firewall.

In the Program listing, right click the application.
Open the Options.
Open the Expert.
{remember to give these rules Names and give any description to your own liking}
1st rule, add a localhost
Source: add the address 127.0.0.1 and My computer
Destination: add the address 127.0.0.1 and My computer
Protocol: Any

Time should be Any or set as you desire.
Track is Log.
Action is Allow
Rank is 2

3rd rule for the Expert is the identical to the rule you just added/edited previously in the Expert of the Firewall.
Time should be Any or set as you desire.
Track is Log (or Log and Alert)
Action is Allow
Rank is 3

4th rule for the Expert is a "Block All" - any protocol and source and destiantion.
Time should be Any or set as you desire.
Track is Log and Alert)
Action is Block
Rank is 4

Check for the logs for the allowed connections and especially for the blocked connections. These are your guides to determining what needs to be chnaged or added in regards to the event. Set the logging and the alerts to High for the time being until this is properly sorted. This way things can be closely watched. The Block All Rule in the Expert will be active if there is more to be adjusted or additional rules to be created.

Next, if the Expert is used to it's fullest extent and range, then do not use single entries and instead use the Groups. Much faster and easier and a lot simpler.

Make sure the DHCP, DNS (s) and the loopback (127.0.0.1) are listed as Trusted in the Zones of the Firewall.
Make sure the Trusted Zone Security is at Medium and th Internet Zone Security is at the High setting.

In the Advanced of the Main of the Firewall, allow both Trusted and Internet servers.

In the Custom of the Main of the Firewall, for the Internet Security, allow all entries of the ICMP Echo (type 0 )and Request (type 8). This is for both pinging and tracert ICMP connections often needed for the later connections to be established. Destination Unreachable and Time Exceeded may have to be allowed for both directions as well. The ZA default settings only allows the minimal ICMP connections and directions. Allowing the other ICMP directions will be beneficial for the connections.

Furthermore... if using a router, inside the router....allow Reply to ICMP and perhaps the ports 443 and 80 will have to be allowed (if the IP range is available for the opned ports, then use that option).

Re: Being Timed Out

The first few rules attempted are the hardest.
The later rules beocme less confusing and much easier.
In the end, the internet/networking rules are filled in the expert and each and every application has it's own set of unique expert rules.
The firewall has become a tool for the user and the user is no longerer controlled by the firewall. The user has become free and is now the master of the firewall.

The user then has absolute control/monitoring over the internet/networking connections and the applications involved.

Ports, protocol and IP and directions have become very simple and are a pure joy.